~ ZHPDiag v2016.1.27.21 By Nicolas Coolman (2016/01/27)
~ Run by Administrator (Administrator) (2016/01/27 14:25:18)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Documents and Settings\Administrator\Desktop\ZHPDiag.txt
~ Report: C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Internet Browsers (2) - 1s
GCIE: Google Chrome v48.0.2564.82
MSIE: Internet Explorer v8.0.6001.18702

---\\ Windows Product Information (3) - 0s
Windows Automatic Updates : OK
Windows Activation Technologies : KO
Windows Genuine Advantage : OK

---\\ System protection software (2) - 1s
ESET Smart Security v9.0.318.24
Malwarebytes Anti-Malware النسخة 2.2.0.1024

---\\ System optimization software (1) - 1s
CCleaner v5.13

---\\ Surveillance software (2) - 2s
Adobe Flash Player 12 Plugin
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1046.952 MB (15% free)
System Restore: Activé (Enable)
System drive C: has 122 GB () free of 149 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: JARRAH
~ User Name: Administrator
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 5s
~ Drive C: has 122 GB free of 149 GB (System)
~ Drive D: has 156 GB free of 160 GB
~ Drive E: has 145 GB free of 166 GB

---\\ State of the Windows Security Center (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (23) - 1s [MD5.2BB75B7F548D82A099125D0C5971DE7D] - 12/07/2012 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [1033728] =>.Microsoft Corporation [MD5.037B1E7798960E0420003D05BB577EE6] - 14/04/2008 - (.Microsoft Corporation - Run a DLL as an App.) -- C:\WINDOWS\System32\rundll32.exe [33280] =>.Microsoft Corporation [MD5.553AD35768CD27959391DD5AA82CEF6F] - 12/07/2012 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [920064] =>.Microsoft Corporation [MD5.53A8857723277B1D6D5EE60A9F85B117] - 12/07/2012 - (.Microsoft Corporation - Windows NT Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [509440] =>.Microsoft Corporation [MD5.64AA11D53A4A84CDF43370D7036517C3] - 12/07/2012 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [149504] =>.Microsoft Corporation [MD5.F6B7B1ECD7B41736BDB6FF4B092BCB79] - 12/07/2012 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [138496] =>.Microsoft Corporation [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - 13/04/2008 - (.Microsoft Corporation - IDE/ATAPI Port Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [96512] =>.Microsoft Corporation [MD5.C885B02847F5D2FD45A24E219ED93B32] - 14/04/2008 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] =>.Microsoft Corporation [MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - 12/07/2012 - (.Microsoft Corporation - SCSI CD-ROM Driver.) 
-- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] =>.Microsoft Corporation [MD5.D45926117EB9FA946A6AF572FBE1CAA3] - 14/04/2008 - (.Microsoft Corporation - FIPS Crypto Driver.) -- C:\WINDOWS\System32\drivers\Fips.sys [44544] =>.Microsoft Corporation [MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384] [MD5.4A0B06AA8943C1E332520F7440C0AA30] - 13/04/2008 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [52480] =>.Microsoft Corporation [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - 14/04/2008 - (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] =>.Microsoft Corporation [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - 14/04/2008 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] =>.Microsoft Corporation [MD5.23C74D75E36E7158768DD63D92789A91] - 14/04/2008 - (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] =>.Microsoft Corporation [MD5.FB2FCCC70F7174C7BF64F48E96D3ADF4] - 12/07/2012 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [457856] =>.Microsoft Corporation [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - 14/04/2008 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [162816] =>.Microsoft Corporation [MD5.4C51D5275AE8A16999EDFE7E647D00DE] - 18/11/2008 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [576384] =>.Microsoft Corporation [MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - 12/07/2012 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [80128] =>.Microsoft Corporation [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - 14/04/2008 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) 
-- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] =>.Microsoft Corporation [MD5.47EA20320E3D6FDC7B7BB22B2B881CA6] - 04/09/2009 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [195712] =>.Microsoft Corporation [MD5.F828DD7E1419B6653894A8F97A0094C5] - 13/04/2008 - (.Microsoft Corporation - Redbook Audio Filter Driver.) -- C:\WINDOWS\System32\drivers\redbook.sys [57600] =>.Microsoft Corporation [MD5.4C8FCB5CC53AAB716D810740FE59D025] - 14/04/2008 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [52352] =>.Microsoft Corporation ---\\ Non Microsoft non disabled Windows Services (13) - 4s O23 - Service: CLHNServiceForPowerDVD12 (CLHNServiceForPowerDVD12) . (.CyberLink Corp. - CLHNServiceForPowerDVD12 Module.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe =>.CyberLink® O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink - CyberLink Media Server Monitor Service.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe =>.CyberLink® O23 - Service: CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink - CyberLink Media Server Service.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe =>.CyberLink® O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.® O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (.AnchorFree Inc. - Hotspot Shield 5.1.2.) - C:\Program Files\Hotspot Shield\bin\hsswd.exe =>.AnchorFree Inc® O23 - Service: Java Quick Starter (JavaQuickStarterService) . 
(.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe =>.Oracle America, Inc.® O23 - Service: (MBAMScheduler) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) - C:\WINDOWS\system32\nvsvc32.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe =>.NVIDIA Corporation® O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe =>.RealNetworks, Inc.® O23 - Service: Power Control [2015/04/01 21:50:28] ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) . (.CyberLink Corp. - .) - C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl =>.CyberLink® ---\\ Services not Microsoft (SR=Run, SS=Stop) (20) - 35s SS - Demand [01/04/2015] [ 257928] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [14/03/2012] [ 87336] CLHNServiceForPowerDVD12 (CLHNServiceForPowerDVD12) . (.CyberLink Corp..) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe =>.CyberLink® SR - Auto [14/03/2012] [ 75048] CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink.) 
- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe =>.CyberLink® SR - Auto [14/03/2012] [ 296232] CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe =>.CyberLink® SR - Auto [09/10/2015] [ 1971968] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.® SS - Auto [10/01/2016] [ 144200] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [10/01/2016] [ 144200] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [15/12/2015] [ 96600] Hotspot Shield Tray Service (HssTrayService) . (...) - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE =>.AnchorFree Inc® SR - Auto [15/12/2015] [ 864464] Hotspot Shield Monitoring Service (HssWd) . (.AnchorFree Inc..) - C:\Program Files\Hotspot Shield\bin\hsswd.exe =>.AnchorFree Inc® SR - Auto [01/04/2015] [ 182696] Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe =>.Oracle America, Inc.® SR - Auto [05/10/2015] [ 1513784] (MBAMScheduler) . (.Malwarebytes.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® SR - Auto [05/10/2015] [ 1135416] (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® SS - Demand [12/02/2014] [ 118896] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SS - Demand [28/11/2007] [ 800040] NBService (NBService) . (.Nero AG.) 
- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe =>.Nero AG® SR - Demand [27/06/2007] [ 279848] NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe =>.Nero AG® SR - Auto [31/01/2013] [ 156448] NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe =>.NVIDIA Corporation® SS - Auto [31/01/2013] [ 1259296] NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe =>.NVIDIA Corporation® SR - Auto [14/08/2013] [ 39056] RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe =>.RealNetworks, Inc.® SS - Auto [19/03/2012] [ 87536] Power Control [2015/04/01 21:50:28] ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) . (.CyberLink Corp..) - C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl =>.CyberLink® ---\\ Process running (26) - 6s [MD5.05D36FCAB501C67DEA797FAFB5C42AC5] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1971968] [PID.1512] =>.ESET, spol. s r.o.® [MD5.80FD4D46B0E9B620CF757A9A5C789329] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [577536] [PID.184] =>.Realtek Semiconductor Corp. [MD5.02C02E1A92435043FC275101A8ECAAAB] - (.Copyright (C) 2003 - MaySample MFC Application.) -- C:\Program Files\Application\Video Wizard WDM Video Capture\Remote.exe [241664] [PID.220] [MD5.0BCDFD7BA8AD4159A3B77B1F877120BE] - (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743136] [PID.244] =>.Wondershare Software Co., Ltd. ® [MD5.8651F84ECBE5687A6628F1062300608C] - (.CyberLink - DMREngine.) 
-- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544] [PID.252] =>.CyberLink® [MD5.FBBD76D32C007B7AAC92399B9EB7BD11] - (.CyberLink Corp. - PowerDVD 12.) -- C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256] [PID.280] =>.CyberLink® [MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512] [PID.472] =>.RealNetworks, Inc.® [MD5.86F0D0B3A07C142C81DAB47E8495A822] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872] [PID.932] =>.Nero AG® [MD5.8025F05E5A51FD499584AFD7A688423C] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [6602152] [PID.960] =>.Piriform Ltd® [MD5.549F6A1198C3120BB836F04BB1BAF5B8] - (.CyberLink Corp. - CLHNServiceForPowerDVD12 Module.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336] [PID.804] =>.CyberLink® [MD5.751E67A18468ADAE2D6AA90F026E2DBE] - (.CyberLink - CyberLink Media Server Monitor Service.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048] [PID.352] =>.CyberLink® [MD5.3DE230F59C8830168EAAB163B606DD37] - (.CyberLink - CyberLink Media Server Service.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232] [PID.1832] =>.CyberLink® [MD5.2F96B2D2338919162EC9E0554F8F727A] - (.AnchorFree Inc. - Hotspot Shield 5.1.2.) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe [864464] [PID.2164] =>.AnchorFree Inc® [MD5.80A79264302910C7C24BA7E44267EFEF] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.2724] =>.Oracle America, Inc.® [MD5.AB176B9E59C0435499D83047D84EDD59] - (.Malwarebytes - Malwarebytes Anti-Malware.) 
-- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784] [PID.2764] =>.Malwarebytes Corporation® [MD5.40C126CB15FAB7D6C66490DCA9C1AED2] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416] [PID.4088] =>.Malwarebytes Corporation® [MD5.1982E96B2C5C2EFFEF38EFC37293A42E] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) -- C:\WINDOWS\system32\nvsvc32.exe [156448] [PID.2188] =>.NVIDIA Corporation® [MD5.96EFEC24346A8EB1157E80523079ADDC] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2820] =>.RealNetworks, Inc.® [MD5.BABBBDEF9DBB5E012EE5210FCB47C33B] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [9832760] [PID.3552] =>.Malwarebytes Corporation® [MD5.A328A46D87BB92CE4D8A4528E9D84787] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [279848] [PID.3568] =>.Nero AG® [MD5.FFBD5650348D4F9E0AA8E72938DC6478] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [1213736] [PID.3804] =>.Nero AG® [MD5.E0ED4A85D35E3874A85A25C222326B81] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5532872] [PID.3228] =>.ESET, spol. s r.o.® [MD5.51667022FACBD1AA611373DA16C98533] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [748872] [PID.2872] =>.Google Inc® [MD5.51667022FACBD1AA611373DA16C98533] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [748872] [PID.3628] =>.Google Inc® [MD5.51667022FACBD1AA611373DA16C98533] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [748872] [PID.3268] =>.Google Inc® [MD5.AD0F16DEF98337C3F11E69DCFDD9928E] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\Documents and Settings\Administrator\My Documents\Downloads\ZHPDiag3 (1).exe [2097152] [PID.1800] =>.Nicolas Coolman ---\\ Google Chrome, Start,Search,Extensions (10) - 1s G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealDownloader G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (1) - 3s P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) 
-- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll =>.Adobe Systems Incorporated ---\\ Internet Explorer Extensions, Start, Search (10) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) 
=>.Microsoft Corporation F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (19) ---\\ Browser Helper Object (BHO) (3) - 1s O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll =>.Oracle America, Inc.® O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll =>.Oracle America, Inc.® ---\\ Auto loading programs from Registry and folders (21) - 1s O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE =>.Realtek Semiconductor Corp. O4 - HKLM\..\Run: [IR Control] . (.Copyright (C) 2003 - MaySample MFC Application.) -- C:\Program Files\Application\Video Wizard WDM Video Capture\Remote.exe O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe =>.Wondershare Software Co., Ltd. ® O4 - HKLM\..\Run: [PowerDVD12DMREngine] . (.CyberLink - DMREngine.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe =>.CyberLink® O4 - HKLM\..\Run: [PowerDVD12Agent] . (.CyberLink Corp. - PowerDVD 12.) -- C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe =>.CyberLink® O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nview\nwiz.exe =>.NVIDIA Corporation® O4 - HKLM\..\Run: [NvMediaCenter] . (.Microsoft Corporation - Run a DLL as an App.) 
-- C:\WINDOWS\System32\RunDLL32.exe =>.Microsoft Corporation O4 - HKLM\..\Run: [NvCplDaemon] . (.Microsoft Corporation - Run a DLL as an App.) -- C:\WINDOWS\System32\RUNDLL32.EXE =>.Microsoft Corporation O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe =>.Nero AG® O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe =>.Microsoft Corporation® O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe =>.Apple Inc.® O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems, Incorporated® O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc.® O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe =>.Nero AG® O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1004336348-1767777339-1606980848-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) 
-- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1004336348-1767777339-1606980848-500\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe =>.Nero AG® O4 - HKUS\S-1-5-21-1004336348-1767777339-1606980848-500\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® ---\\ Global shortcuts Startup (112) - 39s O4 - GS\Desktop [Administrator]: ESET Smart Security.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.® O4 - GS\Desktop [Administrator]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O4 - GS\Desktop [Administrator]: FM.lnk . (.版权所有 (C) 2004 - FM Microsoft 基础类应用程序.) C:\Program Files\Application\Video Wizard WDM Video Capture\FM.EXE O4 - GS\Desktop [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\Desktop [Administrator]: Golden Al-Wafi Translator.lnk . (.ATA Software Technology Ltd - Golden Al-Wafi Translation Software.) C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (...) C:\Program Files\Internet Download Manager\IDMan.exe O4 - GS\Desktop [Administrator]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG® O4 - GS\Desktop [Administrator]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Desktop [Administrator]: Quraish(Arabic).lnk . (.AfkarMedia® - Quraish main executable.) C:\Program Files\AfkarMedia\Quraish\Quraish.exe O4 - GS\Desktop [Administrator]: Video Wizard WDM Video Capture.lnk . 
(.Copyright (C) 2004 - .) C:\Program Files\Application\Video Wizard WDM Video Capture\WinTVR.EXE O4 - GS\Desktop [Administrator]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe O4 - GS\Desktop [Administrator]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files\Your Uninstaller! 7\urmain.exe O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrator]: ALL Media Server.lnk . (.ALLCinema Ltd. - .) C:\Program Files\ALLMediaServer\ALLMediaServer.exe O4 - GS\Quicklaunch [Administrator]: Bigasoft Video Downloader Pro.lnk . (.Bigasoft Corporation - Video Downloader Pro.) C:\Program Files\Bigasoft\Video Downloader Pro\videodownloader.exe =>.Bigasoft Corporation O4 - GS\Quicklaunch [Administrator]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O4 - GS\Quicklaunch [Administrator]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED} O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrator]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files\JetAudio\JetAudio.exe {2B13AAC1A1EE61} O4 - GS\Quicklaunch [Administrator]: Mozilla Firefox.lnk . (...) C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Quicklaunch [Administrator]: Nero Home Essentials SE.lnk . (.Nero AG - Nero Home.) C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe =>.Nero AG® O4 - GS\Quicklaunch [Administrator]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) 
C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG® O4 - GS\Quicklaunch [Administrator]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Quicklaunch [Administrator]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files\Winamp\winamp.exe =>.Nullsoft Inc.® O4 - GS\Quicklaunch [Administrator]: Zoom Player MAX.lnk . (.Inmatrix LTD - Zoom Player.) C:\Program Files\Zoom Player MAX\zplayer.exe O4 - GS\Desktop [Guest]: ESET Smart Security.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.® O4 - GS\Desktop [Guest]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O4 - GS\Desktop [Guest]: FM.lnk . (.版权所有 (C) 2004 - FM Microsoft 基础类应用程序.) C:\Program Files\Application\Video Wizard WDM Video Capture\FM.EXE O4 - GS\Desktop [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\Desktop [Guest]: Golden Al-Wafi Translator.lnk . (.ATA Software Technology Ltd - Golden Al-Wafi Translation Software.) C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (...) C:\Program Files\Internet Download Manager\IDMan.exe O4 - GS\Desktop [Guest]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG® O4 - GS\Desktop [Guest]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Desktop [Guest]: Quraish(Arabic).lnk . (.AfkarMedia® - Quraish main executable.) C:\Program Files\AfkarMedia\Quraish\Quraish.exe O4 - GS\Desktop [Guest]: Video Wizard WDM Video Capture.lnk . (.Copyright (C) 2004 - .) 
C:\Program Files\Application\Video Wizard WDM Video Capture\WinTVR.EXE O4 - GS\Desktop [Guest]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe O4 - GS\Desktop [Guest]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files\Your Uninstaller! 7\urmain.exe O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Guest]: ALL Media Server.lnk . (.ALLCinema Ltd. - .) C:\Program Files\ALLMediaServer\ALLMediaServer.exe O4 - GS\Quicklaunch [Guest]: Bigasoft Video Downloader Pro.lnk . (.Bigasoft Corporation - Video Downloader Pro.) C:\Program Files\Bigasoft\Video Downloader Pro\videodownloader.exe =>.Bigasoft Corporation O4 - GS\Quicklaunch [Guest]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O4 - GS\Quicklaunch [Guest]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED} O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Guest]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files\JetAudio\JetAudio.exe {2B13AAC1A1EE61} O4 - GS\Quicklaunch [Guest]: Mozilla Firefox.lnk . (...) C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Quicklaunch [Guest]: Nero Home Essentials SE.lnk . (.Nero AG - Nero Home.) C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe =>.Nero AG® O4 - GS\Quicklaunch [Guest]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG® O4 - GS\Quicklaunch [Guest]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) 
C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Quicklaunch [Guest]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files\Winamp\winamp.exe =>.Nullsoft Inc.® O4 - GS\Quicklaunch [Guest]: Zoom Player MAX.lnk . (.Inmatrix LTD - Zoom Player.) C:\Program Files\Zoom Player MAX\zplayer.exe O4 - GS\Desktop [HelpAssistant]: ESET Smart Security.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.® O4 - GS\Desktop [HelpAssistant]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O4 - GS\Desktop [HelpAssistant]: FM.lnk . (.版权所有 (C) 2004 - FM Microsoft 基础类应用程序.) C:\Program Files\Application\Video Wizard WDM Video Capture\FM.EXE O4 - GS\Desktop [HelpAssistant]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\Desktop [HelpAssistant]: Golden Al-Wafi Translator.lnk . (.ATA Software Technology Ltd - Golden Al-Wafi Translation Software.) C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe O4 - GS\Desktop [HelpAssistant]: Internet Download Manager.lnk . (...) C:\Program Files\Internet Download Manager\IDMan.exe O4 - GS\Desktop [HelpAssistant]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG® O4 - GS\Desktop [HelpAssistant]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Desktop [HelpAssistant]: Quraish(Arabic).lnk . (.AfkarMedia® - Quraish main executable.) C:\Program Files\AfkarMedia\Quraish\Quraish.exe O4 - GS\Desktop [HelpAssistant]: Video Wizard WDM Video Capture.lnk . (.Copyright (C) 2004 - .) C:\Program Files\Application\Video Wizard WDM Video Capture\WinTVR.EXE O4 - GS\Desktop [HelpAssistant]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) 
C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe O4 - GS\Desktop [HelpAssistant]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files\Your Uninstaller! 7\urmain.exe O4 - GS\Desktop [HelpAssistant]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [HelpAssistant]: ALL Media Server.lnk . (.ALLCinema Ltd. - .) C:\Program Files\ALLMediaServer\ALLMediaServer.exe O4 - GS\Quicklaunch [HelpAssistant]: Bigasoft Video Downloader Pro.lnk . (.Bigasoft Corporation - Video Downloader Pro.) C:\Program Files\Bigasoft\Video Downloader Pro\videodownloader.exe =>.Bigasoft Corporation O4 - GS\Quicklaunch [HelpAssistant]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O4 - GS\Quicklaunch [HelpAssistant]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED} O4 - GS\Quicklaunch [HelpAssistant]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [HelpAssistant]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files\JetAudio\JetAudio.exe {2B13AAC1A1EE61} O4 - GS\Quicklaunch [HelpAssistant]: Mozilla Firefox.lnk . (...) C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Quicklaunch [HelpAssistant]: Nero Home Essentials SE.lnk . (.Nero AG - Nero Home.) C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe =>.Nero AG® O4 - GS\Quicklaunch [HelpAssistant]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG® O4 - GS\Quicklaunch [HelpAssistant]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) 
C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Quicklaunch [HelpAssistant]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files\Winamp\winamp.exe =>.Nullsoft Inc.® O4 - GS\Quicklaunch [HelpAssistant]: Zoom Player MAX.lnk . (.Inmatrix LTD - Zoom Player.) C:\Program Files\Zoom Player MAX\zplayer.exe O4 - GS\Desktop [SUPPORT_388945a0]: ESET Smart Security.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.® O4 - GS\Desktop [SUPPORT_388945a0]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O4 - GS\Desktop [SUPPORT_388945a0]: FM.lnk . (.版权所有 (C) 2004 - FM Microsoft 基础类应用程序.) C:\Program Files\Application\Video Wizard WDM Video Capture\FM.EXE O4 - GS\Desktop [SUPPORT_388945a0]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\Desktop [SUPPORT_388945a0]: Golden Al-Wafi Translator.lnk . (.ATA Software Technology Ltd - Golden Al-Wafi Translation Software.) C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe O4 - GS\Desktop [SUPPORT_388945a0]: Internet Download Manager.lnk . (...) C:\Program Files\Internet Download Manager\IDMan.exe O4 - GS\Desktop [SUPPORT_388945a0]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG® O4 - GS\Desktop [SUPPORT_388945a0]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Desktop [SUPPORT_388945a0]: Quraish(Arabic).lnk . (.AfkarMedia® - Quraish main executable.) C:\Program Files\AfkarMedia\Quraish\Quraish.exe O4 - GS\Desktop [SUPPORT_388945a0]: Video Wizard WDM Video Capture.lnk . (.Copyright (C) 2004 - .) 
C:\Program Files\Application\Video Wizard WDM Video Capture\WinTVR.EXE O4 - GS\Desktop [SUPPORT_388945a0]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe O4 - GS\Desktop [SUPPORT_388945a0]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files\Your Uninstaller! 7\urmain.exe O4 - GS\Desktop [SUPPORT_388945a0]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [SUPPORT_388945a0]: ALL Media Server.lnk . (.ALLCinema Ltd. - .) C:\Program Files\ALLMediaServer\ALLMediaServer.exe O4 - GS\Quicklaunch [SUPPORT_388945a0]: Bigasoft Video Downloader Pro.lnk . (.Bigasoft Corporation - Video Downloader Pro.) C:\Program Files\Bigasoft\Video Downloader Pro\videodownloader.exe =>.Bigasoft Corporation O4 - GS\Quicklaunch [SUPPORT_388945a0]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O4 - GS\Quicklaunch [SUPPORT_388945a0]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED} O4 - GS\Quicklaunch [SUPPORT_388945a0]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [SUPPORT_388945a0]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files\JetAudio\JetAudio.exe {2B13AAC1A1EE61} O4 - GS\Quicklaunch [SUPPORT_388945a0]: Mozilla Firefox.lnk . (...) C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Quicklaunch [SUPPORT_388945a0]: Nero Home Essentials SE.lnk . (.Nero AG - Nero Home.) C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe =>.Nero AG® O4 - GS\Quicklaunch [SUPPORT_388945a0]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) 
C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG® O4 - GS\Quicklaunch [SUPPORT_388945a0]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Quicklaunch [SUPPORT_388945a0]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files\Winamp\winamp.exe =>.Nullsoft Inc.® O4 - GS\Quicklaunch [SUPPORT_388945a0]: Zoom Player MAX.lnk . (.Inmatrix LTD - Zoom Player.) C:\Program Files\Zoom Player MAX\zplayer.exe O4 - GS\CommonDesktop [Public]: Allok Video Joiner.lnk . (...) C:\Program Files\Allok Video Joiner\Allok Video Joiner.exe O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® O4 - GS\CommonDesktop [Public]: Dial-Up.lnk . (.ZTE中兴 - Dial-Up Microsoft 基础类应用程序.) C:\Program Files\zte\PC_DIAL_FWPV5.00.09\Dial-Up.exe O4 - GS\CommonDesktop [Public]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED} O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\CommonDesktop [Public]: Hotspot Shield.lnk . (.AnchorFree Inc. - Hotspot Shield 5.1.2.) C:\Program Files\Hotspot Shield\bin\HSSCP.exe =>.AnchorFree Inc® O4 - GS\CommonDesktop [Public]: RealPlayer.lnk . (.RealNetworks, Inc. - RealPlayer.) C:\Program Files\Real\RealPlayer\realplay.exe =>.RealNetworks, Inc.® O4 - GS\CommonDesktop [Public]: Rome - Total War - Alexander.lnk . (.The Creative Assembly Ltd - Rome: Total War - Alexander.) C:\Program Files\SCC-TDS\Rome - Total War\RomeTW-ALX.exe =>.The Creative Assembly Ltd O4 - GS\CommonDesktop [Public]: Rome - Total War - Barbarian Invasion.lnk . (.The Creative Assembly Ltd - Rome: Total War - Barbarian Invasion.) 
C:\Program Files\SCC-TDS\Rome - Total War\RomeTW-BI.exe =>.The Creative Assembly Ltd O4 - GS\CommonDesktop [Public]: Rome - Total War.lnk . (.The Creative Assembly Ltd - Rome: Total War.) C:\Program Files\SCC-TDS\Rome - Total War\RomeTW.exe =>.The Creative Assembly Ltd O4 - GS\Startup [Public]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe O4 - GS\Programs [Public]: Format Factory 2.60.lnk . (...) C:\Program Files\FormatFactory 2.60\FormatFactory.exe ---\\ Lop.com/Domain Hijackers (2) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCA34F41-23C0-4F74-8E15-B680EA6E9ED9}: DhcpNameServer = 192.168.1.1 ---\\ Extra protocols (28) - 2s O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) 
-- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll =>.Microsoft Corporation® O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) 
-- C:\WINDOWS\system32\itss.dll =>.Microsoft Corporation O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) 
-- C:\WINDOWS\system32\shell32.dll =>.Microsoft Corporation O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (68) - 36s O42 - Logiciel: ACDSee Free - (.ACD Systems International Inc..) [HKLM] -- ACDSee Free =>.ACD Systems International Inc® O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Reader XI (11.0.04) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated O42 - Logiciel: AIMP3 - (.AIMP DevTeam.) [HKLM] -- AIMP3 =>.AIMP DevTeam O42 - Logiciel: ALLMediaServer - (.ALLCinema Ltd..) [HKLM] -- {FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1 O42 - Logiciel: Allok Video Joiner 4.6.0529 - (.Allok Soft Inc..) [HKLM] -- Allok Video Joiner_is1 O42 - Logiciel: AllokSoft Allok Video Joiner v4.6.0529 ShamFuture.com - (.ShamFuture.com.) [HKLM] -- {1E0ED455-F294-460F-9845-CF7A55BF4D53} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc. O42 - Logiciel: Blender - (.Blender Foundation.) [HKLM] -- Blender =>.Blender Foundation O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM] -- {B46BEA36-0B71-4A4E-AE41-87241643FA0A} =>.CyberLink® O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM] -- InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} =>.CyberLink® O42 - Logiciel: DriverPack Solution Updater - (.DriverPack Solution.) 
[HKCU] -- DRPSu Updater =>.Kuzyakov Artur Vyacheslavovich IP® O42 - Logiciel: Drv - (.My Company Name.) [HKLM] -- {DA71A94B-3617-4935-8BBE-1566B2174C95} O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM] -- {993949EA-4382-4C42-A8B0-16FB3D4F8CF8} =>.ESET, spol. s r.o. O42 - Logiciel: File Recover 8.0 - (.PC Tools.) [HKLM] -- File Recover_is1 {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM] -- FormatFactory =>.Format Factory O42 - Logiciel: Golden Al-Wafi Translator 1.12 - (.<>.) [HKLM] -- Golden Al-Wafi Translator (By DR.Ahmed Saker)_is1 O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player =>.Gretech Corporation O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Hotspot Shield 5.1.2 - (.AnchorFree Inc..) [HKLM] -- HotspotShield =>.AnchorFree Inc® O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217045FF} =>.Oracle O42 - Logiciel: Java Auto Updater - (.Sun Microsystems, Inc..) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Sun Microsystems, Inc. O42 - Logiciel: jetAudio Basic - (.COWON.) [HKLM] -- {DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A} {2B13AAC1A1EE61} =>.COWON O42 - Logiciel: K-Lite Codec Pack 10.2.0 Full - (...) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: Malwarebytes Anti-Malware النسخة 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: Microsoft Software Update for Web Folders (Arabic) 12 - (.Microsoft Corporation.) [HKLM] -- {90120000-0010-0401-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Text-to-Speech Engine 4.0 (English) - (...) [HKLM] -- MSTTS O42 - Logiciel: Miro - (.Participatory Culture Foundation.) 
[HKLM] -- Miro =>.Participatory Culture Foundation O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: MSXML 6.0 Parser (KB925673) - (.Microsoft Corporation.) [HKLM] -- {FE9126DB-5F84-495A-BB46-3C724F1C2D08} =>.Microsoft Corporation O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {C3CF41F1-0373-4DD7-BE99-F33B00E51033} =>.Nero AG O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NView 136.53 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Update Components - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update =>.NVIDIA Corporation O42 - Logiciel: NVIDIA برنامج تشغيل الرسومات 307.83 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation O42 - Logiciel: PC_DIAL_FWPV5.00.09 - (.zte.) [HKLM] -- {88D613F4-D4AE-48F1-BF73-66A1886FB214} =>.ZTE O42 - Logiciel: PhotoScape - (...) [HKLM] -- PhotoScape O42 - Logiciel: Power Mp3 Cutter(Mp3 Sound Cutter) 1.40 - (.CooolSoft, Inc..) [HKLM] -- Power Mp3 Cutter(Mp3 Sound Cutter)_is1 O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} =>.Apple Inc. O42 - Logiciel: Quraish - (.أفكـار ميديـا.) [HKLM] -- {5756E0B4-C092-4B0D-A935-80F72572B6F4} O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE} =>.RealNetworks, Inc. O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 16.0 =>.RealNetworks, Inc.® O42 - Logiciel: Realtek AC'97 Audio - (...) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E} O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) 
[HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} =>.RealNetworks, Inc. O42 - Logiciel: Rome - Total War - (.SCC-TDS.) [HKLM] -- {590EDC61-9823-4D56-9E87-0D32DFC5D81D} =>.Macrovision Corporation® O42 - Logiciel: SigmaTel Audio - (.SigmaTel.) [HKLM] -- {A462213D-EED4-42C2-9A60-7BDD4D4B0B17} =>.SigmaTel O42 - Logiciel: TeleText - (...) [HKLM] -- {D46BF5B1-315A-4E7F-AC0A-206497BA7705} O42 - Logiciel: Video Downloader Pro - (.www.ad4cd.com.) [HKLM] -- Video Downloader Pro_is1 O42 - Logiciel: Video Wizard WDM Video Capture - (.Application.) [HKLM] -- {09AFDC81-D666-4194-B5B0-82461129F22C} =>.Application O42 - Logiciel: Video Wizard WDM Video Capture - (.Application.) [HKLM] -- InstallShield_{09AFDC81-D666-4194-B5B0-82461129F22C} =>.Application O42 - Logiciel: WebFldrs XP - (.Microsoft Corporation.) [HKLM] -- {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} =>.Microsoft Corporation O42 - Logiciel: Who Is On My Wifi version 3.0.2 - (.IO3O LLC.) [HKLM] -- {010D45A1-093D-4534-8147-4E10E80F81CC}_is1 O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp =>.Nullsoft, Inc O42 - Logiciel: Windows Media Format Runtime - (...) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM] -- {BAF78226-3200-4DB4-BE33-4D922A799840} =>.Microsoft Corporation O42 - Logiciel: WinRAR 5.00 بيتا 7 (32-بت) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC =>.Microsoft Corporation O42 - Logiciel: Your Uninstaller Pro v7.3.2011.2 - (.Your Uninstaller Pro v7.3.2011.2.) [HKLM] -- {6D7E03A8-DF82-4D22-B4F7-251488BFEBC8} O42 - Logiciel: Your Uninstaller! 7 - (.URSoft, Inc..) [HKLM] -- YU2010_is1 {20D86DE3316D2F604A4A91753B51F566} O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1 =>.Nicolas Coolman O42 - Logiciel: Zoom Player MAX - (.www.ad4cd.com.) 
[HKLM] -- Zoom Player MAX_is1 O42 - Logiciel: تحديثات NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation O42 - Logiciel: دعم تطبيق Apple - (.Apple Inc..) [HKLM] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2} =>.Apple Inc. O42 - Logiciel: لوحة تحكم NVIDIA 307.83 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation ---\\ HKCU & HKLM Software Keys (147) - 37s HKLM\SOFTWARE\ACD Systems HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\Ahead HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. HKLM\SOFTWARE\Application HKLM\SOFTWARE\Audible HKLM\SOFTWARE\BlenderFoundation HKLM\SOFTWARE\BrowserChoice HKLM\SOFTWARE\C07ft5Y HKLM\SOFTWARE\CDDB HKLM\SOFTWARE\ComputerAssociates HKLM\SOFTWARE\COWON HKLM\SOFTWARE\CyberLink HKLM\SOFTWARE\Disc Soft HKLM\SOFTWARE\DT Soft HKLM\SOFTWARE\Electronic Arts HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Gemplus HKLM\SOFTWARE\GENIATEC HKLM\SOFTWARE\GNU HKLM\SOFTWARE\Golden Al-Wafi Translator HKLM\SOFTWARE\Google HKLM\SOFTWARE\GRETECH HKLM\SOFTWARE\HaaliMkx HKLM\SOFTWARE\Hasbro Interactive HKLM\SOFTWARE\honestech HKLM\SOFTWARE\HotspotShield HKLM\SOFTWARE\Icaros HKLM\SOFTWARE\Inmatrix HKLM\SOFTWARE\InstallShield HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\IO3O HKLM\SOFTWARE\Items Technology Co., Ltd. 
HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\Khronos HKLM\SOFTWARE\KLCodecPack HKLM\SOFTWARE\Lake HKLM\SOFTWARE\LAV HKLM\SOFTWARE\Licenses HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\magnet HKLM\SOFTWARE\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Mooii HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\My Company Name HKLM\SOFTWARE\Nero HKLM\SOFTWARE\NVIDIA Corporation HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Opera Software HKLM\SOFTWARE\Participatory Culture Foundation HKLM\SOFTWARE\PCTools HKLM\SOFTWARE\Philips Semiconductors HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\Program Groups HKLM\SOFTWARE\RealNetworks HKLM\SOFTWARE\Realtek HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\SCC-TDS HKLM\SOFTWARE\Schlumberger HKLM\SOFTWARE\Secure HKLM\SOFTWARE\SigmaTel HKLM\SOFTWARE\Sims HKLM\SOFTWARE\Skype HKLM\SOFTWARE\Sunisoft HKLM\SOFTWARE\TunerData HKLM\SOFTWARE\Voice HKLM\SOFTWARE\Windows 3.1 Migration Status HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\WinTVR HKLM\SOFTWARE\Wondershare HKLM\SOFTWARE\Xing Technology Corp. HKLM\SOFTWARE\zte HKCU\SOFTWARE\ACD Systems HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Ahead HKCU\SOFTWARE\ALLConverter PRO HKCU\SOFTWARE\ALLMediaServer HKCU\SOFTWARE\AnchorFree HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. 
HKCU\SOFTWARE\CDDB HKCU\SOFTWARE\CleanMyPC HKCU\SOFTWARE\COWON HKCU\SOFTWARE\Cyberlink HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\DScaler5 HKCU\SOFTWARE\DT Soft HKCU\SOFTWARE\Electronic Arts HKCU\SOFTWARE\Emulators HKCU\SOFTWARE\ESET HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\geissplugin HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GRETECH HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Haemimont Games HKCU\SOFTWARE\honestech HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Install HKCU\SOFTWARE\Intel HKCU\SOFTWARE\InterVideo HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Lake HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\madshi HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MediaChance HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Mooii HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nimbuzz HKCU\SOFTWARE\NVIDIA Corporation HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Participatory Culture Foundation HKCU\SOFTWARE\PCTools HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Project07 HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\quareeb.exe HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SpinTop HKCU\SOFTWARE\Sunisoft HKCU\SOFTWARE\The Creative Assembly HKCU\SOFTWARE\TheCreativeAssembly HKCU\SOFTWARE\TikGames HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\URSoft HKCU\SOFTWARE\VirtuaMedia HKCU\SOFTWARE\Voice HKCU\SOFTWARE\Winamp HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\ZebHelpProcess Helper ---\\ Contents of the Common Files folders (220) - 128s O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\ACD Systems =>.ACD Systems International Inc® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\AfkarMedia O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\AIMP3 O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\ALLMediaServer O43 - CFD: 22/04/2015 - [] D -- C:\Program Files\Allok 
Video Joiner O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\ALLPlayer O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\AlmawredDictionary O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Apple Software Update =>.Apple Inc.® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Application O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Bigasoft O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Blender Foundation O43 - CFD: 22/04/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\CleanMyPC O43 - CFD: 24/01/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 01/04/2015 - [0] D -- C:\Program Files\ComPlus Applications O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\CyberLink =>.CyberLink® O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\ESET =>.ESET, spol. s r.o.® O43 - CFD: 02/10/2015 - [] D -- C:\Program Files\File Recover {42ABDC237D1BA31664BA4E7B05F23652} O43 - CFD: 09/06/2015 - [] D -- C:\Program Files\FreeTime =>.chen jun hao® O43 - CFD: 02/10/2015 - [] D -- C:\Program Files\GetData O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Golden Al-Wafi Translator O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\Google =>.Google Inc® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\GRETECH {78A2255D0AB283A4DC76EF94B250B7ED} O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\honestech O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\Hotspot Shield =>.AnchorFree Inc® O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\InstallShield Installation Information {2B13AAC1A1EE61} O43 - CFD: 26/01/2016 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc.® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 27/05/2015 - [] D -- C:\Program Files\IO3O LLC O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\JetAudio O43 - CFD: 28/05/2015 - [] D -- C:\Program Files\Jnes O43 - CFD: 01/04/2015 - [] D -- C:\Program 
Files\K-Lite Codec Pack O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 25/01/2016 - [] D -- C:\Program Files\MediaMonkey O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\microsoft frontpage O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Microsoft Visual Studio O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Microsoft Works O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Movie Maker O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 03/04/2015 - [] D -- C:\Program Files\MSBuild O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\MSN Gaming Zone O43 - CFD: 26/05/2015 - [] D -- C:\Program Files\MTK O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Mydrv O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Nero =>.Nero AG® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\NetMeeting O43 - CFD: 03/06/2015 - [] D -- C:\Program Files\NirSoft =>.Nir Sofer® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\NVIDIA Corporation =>.NVIDIA Corporation® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Online Services O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Opera O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Outlook Express O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Participatory Culture Foundation O43 - CFD: 22/04/2015 - [] D -- C:\Program Files\Philips Semiconductors O43 - CFD: 16/08/2015 - [] D -- C:\Program Files\Photo! 
O43 - CFD: 16/08/2015 - [] D -- C:\Program Files\PhotoScape =>.Mooii Tech® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Power Mp3 Cutter(Mp3 Sound Cutter) O43 - CFD: 24/01/2016 - [] D -- C:\Program Files\QuickTime O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Real =>.RealNetworks, Inc.® O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\RealNetworks =>.RealNetworks, Inc.® O43 - CFD: 03/04/2015 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\SCC-TDS O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\SigmaTel =>.InstallShield Software Corporation® O43 - CFD: 25/04/2015 - [] D -- C:\Program Files\TDS_SCC O43 - CFD: 01/04/2015 - [0] D -- C:\Program Files\Uninstall Information O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Winamp O43 - CFD: 02/04/2015 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Windows NT O43 - CFD: 01/04/2015 - [0] HD -- C:\Program Files\WindowsUpdate O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 03/06/2015 - [0] D -- C:\Program Files\Wondershare O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\xerox O43 - CFD: 24/01/2016 - [] D -- C:\Program Files\Your Uninstaller! 
7 O43 - CFD: 24/01/2016 - [] D -- C:\Program Files\ZHPFix O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Zoom Player MAX O43 - CFD: 06/05/2015 - [] D -- C:\Program Files\zte O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\قاموس صخر الجديد O43 - CFD: 03/04/2015 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ACDSee Free O43 - CFD: 01/04/2015 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\AIMP3 O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ALLMediaServer O43 - CFD: 22/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Allok Video Joiner O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Blender Foundation O43 - CFD: 12/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\CyberLink PowerDVD 12 O43 - CFD: 12/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET O43 - CFD: 02/10/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\File Recover O43 - CFD: 01/04/2015 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Games O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Golden Al-Wafi Translator O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\GOM Player O43 - CFD: 02/11/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Hotspot Shield O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Java O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\jetAudio O43 - CFD: 01/04/2015 - [] D -- 
C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 22/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Miro O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero 7 Essentials O43 - CFD: 06/05/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PC_DIAL_FWPV5.00.09 O43 - CFD: 22/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Philips Semiconductors O43 - CFD: 16/08/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PhotoScape O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Power Mp3 Cutter(Mp3 Sound Cutter) O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks O43 - CFD: 12/01/2016 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup O43 - CFD: 23/09/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Who Is On My Wifi O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR O43 - CFD: 24/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Your Uninstaller! 
7 O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ZHP O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Ahead O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple Computer O43 - CFD: 10/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Astroburn Lite O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Baidu O43 - CFD: 09/06/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\CyberLink O43 - CFD: 10/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite O43 - CFD: 12/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\ESET O43 - CFD: 02/11/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Hotspot Shield O43 - CFD: 26/05/2015 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\install_clap O43 - CFD: 22/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Malwarebytes O43 - CFD: 01/04/2015 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Microsoft Help O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Mozilla O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Nero O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\NVIDIA O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\PDVD 
O43 - CFD: 03/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Real O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\RealNetworks O43 - CFD: 12/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\RogueKiller O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Skype O43 - CFD: 07/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Steam O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Sun O43 - CFD: 26/01/2016 - [0] AD -- C:\Documents and Settings\All Users\Application Data\TEMP O43 - CFD: 03/06/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Wondershare Player O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Adobe O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Ahead O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Apple O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\COWON O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\DESIGNER O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Java O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\MSSoap O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\ODBC O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Wondershare O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\xing shared O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\AC3Filter O43 - CFD: 18/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application 
Data\Adobe O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Ahead O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\AIMP3 O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Apple Computer O43 - CFD: 29/07/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\CyberLink O43 - CFD: 26/01/2016 - [0] D -- C:\Documents and Settings\Administrator\Application Data\DMCache O43 - CFD: 02/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\DRPSu O43 - CFD: 30/05/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\ESET O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\GRETECH O43 - CFD: 02/11/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Hotspot Shield O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Identities O43 - CFD: 26/01/2016 - [] D -- C:\Documents and Settings\Administrator\Application Data\IDM O43 - CFD: 10/01/2016 - [] D -- C:\Documents and Settings\Administrator\Application Data\InstallShield O43 - CFD: 22/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Macromedia O43 - CFD: 26/05/2015 - [] SD -- C:\Documents and Settings\Administrator\Application Data\Microsoft O43 - CFD: 26/05/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Mozilla O43 - CFD: 12/01/2016 - [0] D -- C:\Documents and Settings\Administrator\Application Data\MPC-HC O43 - CFD: 11/11/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Opera Software O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Participatory Culture Foundation O43 - CFD: 27/01/2016 - [0] D -- C:\Documents and Settings\Administrator\Application Data\PhotoScape O43 - CFD: 27/05/2015 - [] D -- C:\Documents and Settings\Administrator\Application 
Data\Real O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\RealNetworks O43 - CFD: 24/09/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\SpinTop O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Sun O43 - CFD: 07/01/2016 - [] D -- C:\Documents and Settings\Administrator\Application Data\The Creative Assembly O43 - CFD: 24/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\URSoft O43 - CFD: 22/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Winamp O43 - CFD: 26/05/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\WinRAR O43 - CFD: 27/01/2016 - [] D -- C:\Documents and Settings\Administrator\Application Data\ZHP O43 - CFD: 18/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe O43 - CFD: 02/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Ahead O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ALLMediaServer O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\CyberLink O43 - CFD: 10/01/2016 - [0] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Deployment O43 - CFD: 30/05/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ESET O43 - CFD: 13/09/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google O43 - CFD: 09/06/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\MediaMonkey O43 - CFD: 01/04/2015 - [] D -- C:\Documents and 
Settings\Administrator\Local Settings\Application Data\MediaServer O43 - CFD: 03/04/2015 - [] SD -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft O43 - CFD: 01/04/2015 - [0] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help O43 - CFD: 26/05/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla O43 - CFD: 11/11/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Opera Software O43 - CFD: 31/05/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Skype O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Sun O43 - CFD: 03/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Tipard Studio O43 - CFD: 07/05/2015 - [0] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WMTools Downloaded Files O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Wondershare O43 - CFD: 01/04/2015 - [] RD -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories O43 - CFD: 29/07/2015 - [] RD -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools O43 - CFD: 10/01/2016 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\AfkarMedia O43 - CFD: 24/04/2010 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\AVer Zone O43 - CFD: 09/06/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\FormatFactory O43 - CFD: 26/05/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\MTK Hotspot O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\Nero 7 Essentials O43 - CFD: 03/06/2015 - [0] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\NirSoft Wireless Network Watcher O43 - CFD: 
26/01/2016 - [] RD -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\Video Downloader Pro O43 - CFD: 24/04/2010 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\Video Wizard WDM Video Capture O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\Zoom Player MAX O43 - CFD: 01/04/2015 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Accessories O43 - CFD: 01/04/2015 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Startup ---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.® O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) 
-- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Offline Files Menu [Offline Files] - {750fdf0e-2a26-11d1-a3ea-080036587f03}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\system32\cscui.dll =>.Microsoft Corporation ---\\ System Drivers List (60) - 15s O58 - SDL:2007/01/23 12:00:00 RA . (.Philips Semiconductors GmbH - SAA713x Analog + Digital TV Card Driver.) -- C:\WINDOWS\System32\drivers\3xHybrid.sys [716160] O58 - SDL:2008/09/23 23:40:22 RA . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368] =>.Realtek Semiconductor Corp. O58 - SDL:2003/04/01 23:36:42 RA . (.Philips Semiconductors - cap7134.) -- C:\WINDOWS\System32\drivers\Cap7134.sys [348352] O58 - SDL:2011/03/04 11:44:12 N . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see Px.) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [9072] =>.Sonic Solutions® O58 - SDL:2011/03/04 11:44:12 N . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [9200] =>.Sonic Solutions® O58 - SDL:2012/07/12 04:40:06 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528] =>.RAVISENT Technologies Inc. O58 - SDL:2012/07/12 04:40:06 A . 
(.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776] =>.Compaq Computer Corporation O58 - SDL:2008/04/14 04:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmboot.sys [799744] =>.Microsoft Corp., Veritas Software O58 - SDL:2008/04/14 04:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\System32\drivers\dmio.sys [153344] =>.Microsoft Corp., Veritas Software O58 - SDL:2008/04/14 04:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888] =>.Microsoft Corp., Veritas Software. O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Amon monitor.) -- C:\WINDOWS\System32\drivers\eamonm.sys [205800] =>.ESET, spol. s r.o.® O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Helper driver.) -- C:\WINDOWS\System32\drivers\ehdrv.sys [145512] =>.ESET, spol. s r.o.® O58 - SDL:2015/10/07 06:16:32 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\WINDOWS\System32\drivers\ekbdflt.sys [111040] =>.ESET, spol. s r.o.® O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfw.sys [161992] =>.ESET, spol. s r.o.® O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall NDIS filter.) -- C:\WINDOWS\System32\drivers\epfwndis.sys [47168] =>.ESET, spol. s r.o.® O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall TDI filter.) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [69816] =>.ESET, spol. s r.o.® O58 - SDL:2008/04/14 04:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384] O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [23256] =>.Malwarebytes Corporation® O58 - SDL:2015/10/05 09:50:10 A . 
(.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [121560] =>.Malwarebytes Corporation® O58 - SDL:2016/01/27 03:56:43 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [170200] =>.Malwarebytes Corporation® O58 - SDL:2012/07/12 04:44:02 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv61xxmm.sys [13616] =>.Marvell Semiconductor® O58 - SDL:2012/07/12 04:44:02 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv64xxmm.sys [5632] =>.Marvell Semiconductor Inc. O58 - SDL:2012/07/12 04:44:02 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mvxxmm.sys [13616] =>.Marvell Semiconductor® O58 - SDL:2012/07/12 04:40:06 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032] =>.S3/Diamond Multimedia Systems O58 - SDL:2013/01/31 03:22:47 A . (.NVIDIA Corporation - NVIDIA Windows XP Miniport Driver, Version.) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [12648960] =>.NVIDIA Corporation® O58 - SDL:2004/03/27 22:25:14 RA . (.China Geniatech Inc. - WDM TCL TV Tuner MiniDriver.) -- C:\WINDOWS\System32\drivers\PhTVTune.sys [24176] O58 - SDL:2009/01/22 05:08:34 RA . (.Windows (R) Codename Longhorn DDK provider - Generic Port I/O.) -- C:\WINDOWS\System32\drivers\PortIo.sys [4864] =>.Windows (R) Codename Longhorn DDK provider O58 - SDL:2008/04/14 04:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792] =>.Parallel Technologies, Inc. O58 - SDL:2011/03/04 11:44:14 N . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\System32\drivers\PxHelp20.sys [45648] =>.Sonic Solutions® O58 - SDL:2012/07/12 04:40:06 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) 
-- C:\WINDOWS\System32\drivers\rio8drv.sys [12032] =>.S3/Diamond Multimedia Systems O58 - SDL:2012/07/12 04:40:06 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032] =>.S3/Diamond Multimedia Systems O58 - SDL:2012/12/19 07:30:00 A . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys [386528] =>.Realtek Semiconductor Corp® O58 - SDL:2005/09/04 20:00:00 A . (.Philips Semiconductors - SAA713x TV Card - Video Capture Driver.) -- C:\WINDOWS\System32\drivers\SAA713x.sys [279552] O58 - SDL:2008/04/14 04:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - CP2101 USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\slabbus.sys [58368] =>.MCCI Corporation O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\slabcm.sys [5504] =>.MCCI Corporation O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\slabcmnt.sys [5504] =>.MCCI Corporation O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - CP2101 USB to UART Bridge Controller WDM.) -- C:\WINDOWS\System32\drivers\slabser.sys [75776] =>.MCCI Corporation O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\slabwh.sys [5504] =>.MCCI Corporation O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\slabwhnt.sys [5504] =>.MCCI Corporation O58 - SDL:2015/08/21 10:13:10 A . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\taphss.sys [33512] =>.AnchorFree Inc® O58 - SDL:2016/01/24 00:54:31 A . 
(...) -- C:\WINDOWS\System32\drivers\TrueSight.sys [24688] =>.Adlice® O58 - SDL:2012/07/12 04:40:06 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376] =>.Toshiba Corporation O58 - SDL:2012/07/12 04:40:06 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112] =>.RAVISENT Technologies Inc. O58 - SDL:2005/09/04 20:00:00 A . (.Philips Semiconductors - WDM TV Tuner Driver.) -- C:\WINDOWS\System32\drivers\WDMTuner.sys [25984] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9029] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4768] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27866] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [33840] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424] O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560] ---\\ Last modified or created user files (2) - 23s O61 - LFC: 2016/01/26 01:52:25 A . (..) 
-- C:\Documents and Settings\Administrator\Application Data\Participatory Culture Foundation\Miro\Support\gst_registry.bin [741368] O61 - LFC: 2016/01/24 17:21:53 A . (..) -- C:\Documents and Settings\Administrator\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe [0] ---\\ File Associations Shell Spawning (8) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\WINDOWS\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (17) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\launcher.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) 
-- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) 
-- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (2) - 3s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com/

---\\ Search Svchost Services (41) - 2s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\WINDOWS\system32\appmgmts.dll [167936] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] =>.Microsoft Corporation
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77824] =>.Microsoft Corporation
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] =>.Microsoft Corporation
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Logical Disk Manager service dll.) -- C:\WINDOWS\system32\dmserver.dll [23552] =>.Microsoft Corp.
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - DHCP Client Service.) -- C:\WINDOWS\system32\dhcpcsvc.dll [126976] =>.Microsoft Corporation
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] =>.Microsoft Corporation
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [253952] =>.Microsoft Corporation
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\WINDOWS\system32\irmon.dll [28160] =>.Microsoft Corporation
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] =>.Microsoft Corporation
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [134144] =>.Microsoft Corporation
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] =>.Microsoft Corporation
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Network Connections Manager.) -- C:\WINDOWS\system32\netman.dll [198144] =>.Microsoft Corporation
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- C:\WINDOWS\system32\mswsock.dll [245248] =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Removable Storage Manager.) -- C:\WINDOWS\system32\ntmssvc.dll [435200] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] =>.Microsoft Corporation
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Task Scheduler Engine.) -- C:\WINDOWS\system32\schedsvc.dll [192512] =>.Microsoft Corporation
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [18944] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\system32\ipnathlp.dll [330752] =>.Microsoft Corporation
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - System Restore Service.) -- C:\WINDOWS\system32\srsvc.dll [171008] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\WINDOWS\system32\tapisrv.dll [249856] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] =>.Microsoft Corporation
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS\system32\w32time.dll [175616] =>.Microsoft Corporation
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Wireless Zero Configuration Service.) -- C:\WINDOWS\system32\wzcsvc.dll [483328] =>.Microsoft Corporation
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- C:\WINDOWS\system32\advapi32.dll [617472] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [144896] =>.Microsoft Corporation
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] =>.Microsoft Corporation
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] =>.Microsoft Corporation
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Quarantine Agent Service Run-Time.) -- C:\WINDOWS\system32\qagentrt.dll [291328] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\WINDOWS\system32\kmsvc.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\system32\qmgr.dll [409088] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [23064] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38400] =>.Microsoft Corporation
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [25088] =>.Microsoft Corporation

---\\ Additional Scan (O88) (1) - 0s
~ No malicious or unnecessary items found.

---\\ Summary of the elements found (1) - 0s
~ No malicious or unnecessary items found.

~ End of the scan, 22078 items in 00h05mn27s (918)(0)